book

Linux Shell Scripting for Hackers

Name: Linux Shell Scripting for Hackers
ISBN: 9781835462195

by Valentine G. Nachi, Donald A. Tevault

February 2026

Beginner

500 pages

10h 17m

English

Packt Publishing

Read now

Unlock full access

Preface
Who this book is forWhat this book coversTo get the most out of this bookGet in touchFree benefits with your bookHow to unlock
Scripting Basics and Environment Setup
Why bash Scripting for Hackers?
Technical requirementsThe power of automation for efficiency and accuracyScaling your attacks through scriptsHow scripting improves the hacking processEthical considerations – responsible scripting in hackingOptimizing scripts for speed and efficiency – performance tweaksbash fundamentalsCreate your first bash scriptshebangAdding your script to PATHbash variablesCommentsCommand substitutionFunctionsControl structuresOne-liners and quick terminal scriptingSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Hacking Lab Setup with Kali Linux
Technical requirementsIntroduction to Kali Linux and its toolsManually setting up your ethical hacking labWhy set up a local lab?PreparationSetting up your virtual lab manuallyAutomating lab setup with VagrantSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Input, Output, and File Manipulation
Technical requirementsReading input from the user (keyboard, files)The read commandPrompting user for inputRead multiple inputs with readReading with no displayTiming outValidating user input using if statementsRead command options tableRead input from a fileUnderstanding command-line parametersPassing parameters to scriptsReading parameters in scriptsReading the script nameValidating parametersbash special parameter variablesCounting all the parametersGrabbing all the data using ($@)Grabbing all the data using ($*)Getting the process IDUnderstand the shift commandProcessing multiple command-line optionsDealing with command-line optionsHow to process simple optionsSeparating options from parametersPutting it all togetherHow to process options with valuesUsing the getopt commandLooking at the getopt command formatUsing getopt in your scriptsStandardizing script optionsRedirecting input/output for flow controlRedirect the standard output of a command to a fileRedirect the standard error of a command to a fileDiscard the standard output of a commandRedirect the contents of a file to the stdin of a commandManipulating file contents with awk, sed, and grepawksedgrepSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Scripting for Network Hacking
Reconnaissance and Scanning with Nmap
Technical requirementsAutomate scans with NmapWhat is Nmap?Why automate Nmap scans?Understanding Nmap scan typesTCP connect scanSYN scanUDP scanOther scan typesAutomating Nmap scans with bash scriptsParsing Nmap output with bashScheduling Nmap scans with cron jobsAdvanced Nmap scripting techniques – parallel scanningParsing, formatting Nmap scan results, and creating reportsUnderstanding Nmap output formatsWhy use bash for Nmap report generation?Generating custom reports using grep and awkCreating automated HTML reportsNmap Scripting Engine for enhanced scansGetting started with NSE scriptsIncorporating Nmap scripts in a bash scriptSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Automating Web Application Attacks
Technical requirementsWeb scanning with NiktoInstalling Nikto on Kali LinuxScanning the Metasploitable2 websiteScanning the Metasploitable2 web appsSaving Nikto scan output to a fileScanning an HTTPS site with NiktoScanning websites with non-standard portsAutomating Nikto scans with shell scriptsScanning website directories with dirbBasic scanning with dirbUsing wordlists with dirbAutomatically downloading indexed filesAutomatically scanning for robots.txt filesSQL injection attack automation with SQLMapConfiguring Metasploitable2Correcting a configuration error in the Mutillidae appCreating or resetting the DVWA database and configure securitySQL injection with the GET methodSQL injection with the POST methodOperating system command injection automationThe basic command injection demoGetting a reverse shell from the web serverAutomating scans for command injection vulnerabilitiesAutomating command injection scans with CommixScanning for blind injection vulnerabilitiesSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Exploiting Systems and Post-Exploitation
Password Cracking Techniques
Technical requirementsUnderstanding password attacksScanning for exposed network servicesWordlist generation and customizationBuilding username listsBuilding custom password listsCreating password lists with rsmanglerCreating password lists with cewlCracking passwords with hydraAttacking exposed network services with hydraAttacking SSH with hydraAttacking multiple targets at once with hydraSaving hydra output to a fileAttacking a web form login page with hydraAttacking the SSH daemon with a shell scriptCracking passwords with John the RipperUnderstanding the Linux and Unix shadow system, and password hash algorithmsStage 1—Preparing the username and hash file for John the RipperStage 2—Using john to process the username and hash fileUnderstanding password hashing algorithmsUnderstanding the john output filesCracking SSH private keys with johnSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more

Understanding Privilege Escalation and Persistence
Technical requirementsUnderstanding privilege escalation methodsFinding a user with full sudo privilegesExploiting bad sudo configurationsExploiting bad SUID permissionsEscalating after logging into someone else’s accountEscalating after a command injection attackUsing the root user shell to create a privileged user accountUsing the root user shell to add a user to an admin groupAutomatically invoking a reverse shellUploading malware via an NFS exploitEscalating user privileges on a web applicationExploiting an unsecured Docker containerMethod 1 – Change the user’s UID to 0Method 2 – Add the user to an administrator groupPreventing attacks with insecure containersCleaning up after a penetration testSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Automate Penetration Testing with Metasploit
Technical requirementsIntroduction to the Metasploit FrameworkUnderstanding the Metasploit modulesGetting started with msfconsoleUsing msfconsole in interactive modeEscalating privileges with MeterpreterUsing msfconsole with a resource fileUsing msfconsole commands within a shell scriptUsing Metasploit with the PostgreSQL databaseUsing the database with multiple target hostsUsing the database in shell scriptsSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Advanced Scripting and Real-World Hacking Projects
Wi-Fi Hacking with Kismet and Wifite
Technical requirementsUnderstanding the wireless security protocolsWired Equivalent Privacy (WEP)Wi-Fi Protected Access (WPA)Wi-Fi Protected Access 2 (WPA2)Wi-Fi Protected Access 3 (WPA3)Hacking networks with default passwordsA different password for each deviceThe same default password for every deviceThe same default password for initial setupSetting up a wireless adapter for VirtualBoxPerforming wireless reconnaissance with KismetSetting up KismetViewing wireless networks with KismetAutomating Wi-Fi attacks with Wifite4-way handshakesWi-Fi Protected Setup (WPS)Pairwise Master Key Identifier keysPerforming a WPA 4-way handshake attackPerforming a PMKID attackPerforming a WPS attackAttacking a WPA3 access pointSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Auditing and Hardening Linux with Shell Scripts
Technical requirementsAutomating security updatesAutomating security updates for Ubuntu ServerAutomating security updates on Red Hat-type systemsAutomating updates for openSUSE 16When to enable automatic updatesAuditing users’ sudo activityAuditing for enabled root user accountsAuditing Apache access logs for malicious attacksInstalling the bat viewerCreating the xss_detect.sh scriptAuditing and hardening with LinPEAS and LynisAuditing with LinPEASAuditing with LynisComparing LinPEAS and LynisShell scripts for firewall configurationUnderstanding Linux firewallsShell scripting with Uncomplicated FirewallCreating a shell script for SSH and Apache accessCreating a shell script for controlling web server accessShell scripting for firewalldUnderstanding firewalld zonesUnderstanding firewalld servicesCreating a shell script for web server accessCreating a shell script to restrict web server accessSummaryQuestionsFurther readingAnswersGet this book’s PDF version and more
Automated Report Generation and Visualization
Technical requirementsCreating and using automated report templatesUnderstanding report templatesCreating a basic report templateAutomating report generation with bashExtracting key findings with scriptingParsing tool outputsParsing nmap outputExtracting vulnerabilitiesExtracting vulnerabilities from JSON outputSummarizing findingsSummarizing findings in bashBasic data visualization (graphs, charts)Choosing between Gnuplot and bash scriptsGenerating graphs with GnuplotGenerating a simple line graphGenerating a bar chartCreating charts with bash scriptsCreating an ASCII bar chartExporting data to CSVSummaryGet this book’s PDF version and more
End-to-End Penetration Testing Projects
Technical requirementsAn internal network compromiseReconnaissance – scanning the networkManual processAutomation with bashFinding exploits with SearchSploitManual processRecognizing the need for automationAutomating SearchSploit with bashExploiting port 21 – FTPManual exploitation with MetasploitAutomating exploitation with MetasploitExploiting port 8180 – Apache TomcatStep 1 – Brute-forcing credentialsStep 2 – Brute-forcing login with discovered usernamesStep 3 – Deploying the exploitAutomating Apache Tomcat exploit with bashExploiting port 6667 – UnreallRCd backdoorManual process – exploiting UnreallRCdAutomating the UnreallRCd exploit with bashPrivilege escalation - exploiting port 2049 – Network File System (NFS)Step 1 – Identifying NFS exportsStep 2 – Gaining access by adding an SSH keyStep 3 – SSH into the target as rootAutomating NFS exploit with bashA vulnerable web applicationVulnerability – brute forceStep 1 – Extracting cookiesStep 2 – Inspecting the login formBrute-forcing the DVWA login pageBrute-forcing at medium securityBrute-forcing at high securityUsing a bash script for high securityWhy this script works at high securitySummaryGet this book’s PDF version and more
Unlock Access to the Code Bundle and the PDF Version
Unlock this book’s free benefits in three easy stepsStep 1Step 2Step 3Need help?
Other Books You May Enjoy
Index

Content preview from Linux Shell Scripting for Hackers

7 Understanding Privilege Escalation and Persistence

You’ve learned some important skills in the previous three chapters. In Chapter 4, Reconnaissance and Scanning with Nmap, you learned how to scan target systems to see which network services are exposed to the network. In Chapter 5, Automating Web Application Attacks, you saw how to exploit vulnerabilities in running web services, and in Chapter 6, Password Cracking Techniques, you saw how to gain access to a system by using automated password cracking tools. In this chapter, you’ll take the next step by learning how to escalate the privileges of an unprivileged user account that you may have compromised. Granted, you actually found a privileged user account in Chapter 6, because the msfadmin ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781835462195

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Linux Shell Scripting for Hackers

by Valentine G. Nachi, Donald A. Tevault

7

Understanding Privilege Escalation and Persistence

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.